<?php
header("Content-type:text/html; charset=utf-8;");
require '../../../ppf/fun.php';
require '../../../ppf/pdo_mysql.php';
require '../../../ppf/Filter.php';
/*p($_POST);
var_dump(json_decode($_POST['attachment']));
exit;*/
$pd=new pdo_mysql();
$filter=new Filter();
session_start();

if(empty($_SESSION['uid'])){
	echo '请登录后再进行操作';exit;
}
$submitMethod=$_SERVER["REQUEST_METHOD"];
if($submitMethod=='POST'){
	$acceptsch_id   = empty($_POST['acceptsch_id'])?'':Filter::filter_html($_POST['acceptsch_id']);
	$content    = $_POST['content'];
	$attachment='';
    if($_POST['attachment']!=''){
    	$attachment_info=json_decode($_POST['attachment']);
		$attach=array();
    	foreach($attachment_info as $k=>$v){
			$attach[]=array('id'=>Filter::safe_string($v->id),'name'=>Filter::safe_string($v->name),'save_path'=>Filter::safe_string($v->save_path),'timestamp'=>time());
    		$attachment.=Filter::safe_string($v->id).',';
    	}
    }
	$attachment=rtrim($attachment,",");
	
	$in_data=array(
		'sender'     =>$_SESSION['uid'],
		'acceptsch'   =>$acceptsch_id,
		'content'    =>$content,
		'attachment' =>$attachment,
		'time'  =>date('Y-m-d H:i:s',time())
	);
	$rs = $pd->exec("insert into sys_announce(sender,content,attachment,time,acceptsch) values(
										'".$_SESSION['uid']."',
										'".$content."',
										'".$attachment."',
										'".date('Y-m-d H:i:s',time())."',
										'".$acceptsch_id."'
		)");

	if($rs){
		if(isset($attach)){
			foreach($attach as $k=>$v){
				$pd->insert(array('data'=>$v,'table'=>'sys_announce_attachment'));
			}
		}
		$tips='发送成功';
    }else{
    	$tips='发送失败，请重试';
    }
    echo $tips;exit;
}else{
	echo '不允许的表单提交方式，请按正常流程提交表单。';exit;
}
?>